masscan -p22,80,443,445,1433,3389 --rate 15000 10.0.0.0/8
Fast enough, without causing DOS
1433 SQL
3389 RDP
If you run w/o 'rate', I will be too fast. Be careful
masscan pp0-65535 --rate 15000 --output-format binary --output-filename full.mass 10.0.0.0/8
-oL ..List
-oJ ..JSon
-oG ..Grepable
-oB ..Binary - fast but unreadable
-oX ..XML
-oU ..Unicorn
Convert Later:
masscan --read-scan full.mass --output-format xml --output-filename full.xml
masscan --read-scan full.mass --output-format grepable --output-filename full.txt
gobuster
------------------------
locate common.txt ..fast/ok
locate medium.txt ..catches more
gobuster -u http://$IP -w medium.txt
gobuster dir -u http://$IP/admin -w ...
gobuster dir -u http://$IP/nibbleblog/admin/ -w -o gobuster.log
gobuster dir -u https://$IP/ -w ..medium.txt -k
gobuster dir -u https://$IP --noprogress --wordlist ..medium.txt -k
gobuster dir -u https://$IP -w ..medium.txt -k -x php,txt,bak,conf
-f: flag appends / to end of directory
-x: file extensions to search for
-o: output
-k: ignore SSL certificate warnings
-a: 'Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0'
------------------------
Shellshock:
gobuster dir -u $IP -w medium.txt
gobuster dir -u $IP -f -w medium.txt
gobuster dir -u $IP/cgi-bin/ -w medium.txt -x sh,cgi,pl,py,php